> # cat /etc/iked.conf
> ikev2 "rathaus" active esp \
> from 192.168.0.0/24 to any \
> from dynamic to 192.168.0.0/24 \
> peer vpn.example.com \
> srcid o2@rathaus \
> psk "will-change-to-certs-if-testing-is-finished" \
> request address any \
> iface lo1
I discovered that
peer vpn.example.com local 2003:c8:2721:cc00:f773:7319:68a6:8ed8
works. (Even though the logs show that this address is already used you
have to explicitly mention it via "local" again.) Since "local" accepts
a hostname, my workaround/solution is:
peer vpn.example.com local dyndns-client.example.com
No comments:
Post a Comment